Introduction
The organisation is thriving — a recognised leader in global finance. Trusted by millions to deliver secure, seamless currency exchange and payment solutions. Innovation is driving growth, and digital transformation is accelerating revenue. Everything is working well, until it happens…
Suddenly, systems go offline. Customers are locked out. Offices need to close. It’s ransomware. Critical systems are encrypted, and a call is made to restore from backup. However, the backup data is incomplete, outdated, and unusable. Recovery stalls. The damage is done.
This introduction is based on a real-world example, where operations were severely impacted by the backup and restore strategy. In this article, we explore how backup and recovery planning is essential – we reference a case study, provide general guidance, and recommendations.
What is Backup and Restore?
Ensuring the organisation makes regular copies of important data and systems, and can use them quickly if something goes wrong. It’s about having copies of data stored securely, tested regularly, and kept separate from the main systems – to avoid being affected by incidents. If data is lost, encrypted by malicious software, or systems are locked, being able to recover from reliable backups can make all the difference.
Relatable Case Study
- Organisation: Travelex (Global currency exchange provider)
- Incident: In 2020, Travelex was hit by a ransomware attack that encrypted its systems and disrupted services worldwide. Customers couldn’t access accounts, and branches were forced to close. The attack exposed weaknesses in the backup and recovery processes, leaving them unable to restore systems quickly.
- Financial Implications: The company reportedly suffered millions in losses
- How it Links to the Backup and Restore:
- Cyber Resilience – poor backup management can leave an organisation vulnerable and result in severe impacts, relating to finance, operations and business survival
General Guidance
- Back up data regularly and securely
- Store backups separately from the main copy
- Test restores regularly
- Use automated tools where possible
- Make backup and restore a routine activity
Recommended Actions
- Keep it simple and secure
- Use a risk assessment to help drive the requirements for your organisation
- Document what data is backed up, how often, and where it’s stored
- Operate the 3-2-1 rule: keep 3 copies of data, on 2 media types, with 1 offsite or in the cloud
- Encrypt backups to protect the information
- Schedule regular restores to confirm backups work effectively and meet recovery time objectives
- Seek guidance and support from an IASME Certification Body and Certified Information System Security Professional (CISSP) – such as RB Consultancy Ltd
How We Help
At RB Consultancy Ltd, we support organisations by:
- Providing templates, guidance, and experience to support
- Explaining what security measures are available and how they can help
- Collaborating to implement controls to support the requirements
- Assessing and issuing certifications – such as Cyber Essentials and Cyber Assurance
- Contact us for consultancy and certification support
Conclusion
Effective backup and restore activity can help reduce the impact of incidents, support business operations and enable effective business continuity. The Travelex case study helps highlight the importance and consequences of backup management. For effective cyber resilience, organisations should regularly back up data, keep securely, store separately, and test frequently – consider operating the 3-2-1 rule.
RB Consultancy Ltd helps organisations understand the importance of backup and restores – we support the implementation of appropriate measures to help build cyber resilience. We are an IASME Certification Body and NCSC Assured Service Provider that provide services to empower and protect organisations. Holding CISSP and ISO 27001 lead implementer certification, you can Contact Us for assistance with cyber security resilience.
This blog is written by Remo Belisari, Managing Director of RB Consultancy Ltd. He is an experienced cyber security professional and cyber advisor. Remo holds certifications in CISSP, ISSAP, ISO 27001, Cyber Essentials, and IASME Cyber Assurance. He has many years of experience in IT and cybersecurity. He has supported organisations worldwide. His work includes helping a Fortune 500 company in the USA and over 100 organisations across the UK. The views in this blog are his own. They do not necessarily reflect the views of RB Consultancy Ltd, its clients, partners, or affiliates. The content is for general information only.